CARP under Hyper-V: weird things happen
Eugene M. Zheganin
emz at norma.perm.ru
Sun May 31 16:07:51 UTC 2020
Hello,
I'm Running 12.0-REL in a VM under W2016S with CARP enabled and paired
to a baremetal FreeBSD server.
All of a sudden I realized that thjis machine is unable to become a CARP
MASTER - because it sees it's own ACRP announces, but instead of seeing
them from a CARP synthetic MAC address only, it sees additional extra
packets with several MACs derived from the original one (I'm well awared
about the -MacAddressSpoof on SetVmNetworkAdapterVlan switch, and it's
running with this thingg on, but still). These packets always almost
(but not 100%) accompany each valid CARP advertisement.
Say, we have a CARP-enabled interface:
vlan2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric
0 mtu 1500
description: AS WAN
options=80000<LINKSTATE>
ether 00:15:5d:0a:79:12
inet 91.206.242.9/28 broadcast 91.206.242.15
inet 91.206.242.12/28 broadcast 91.206.242.15 vhid 3
groups: vlan
carp: BACKUP vhid 3 advbase 1 advskew 250
vlan: 2 vlanpcp: 0 parent interface: hn1
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Notice the MAC and now look at this:
===Cut===
[root at gw1:~]# tcpdump -T carp -nepi vlan2 carp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vlan2, link-type EN10MB (Ethernet), capture size 262144 bytes
20:45:54.152619 00:00:5e:00:01:03 > 01:00:5e:00:00:12, ethertype IPv4
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36:
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227035
^^^ this is the ordinary and valid CARP advertisement, notice the
synthetic MAC which is requiring setting mac address spoofing.
20:45:54.152880 9c:8e:99:0f:79:42 > 01:00:5e:00:00:12, ethertype IPv4
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36:
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227035
^^^ this is some insanity happening
20:45:54.153234 9c:8e:99:0f:79:42 > 01:00:5e:00:00:12, ethertype IPv4
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36:
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227035
^^^ and again
20:45:54.153401 9c:8e:99:0f:79:42 > 01:00:5e:00:00:12, ethertype IPv4
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36:
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227035
^^^ and again
20:45:57.562470 00:00:5e:00:01:03 > 01:00:5e:00:00:12, ethertype IPv4
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36:
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227036
^^^ valid CARP advertisement, next one-second advbase cycle
20:45:57.562874 9c:8e:99:0f:79:3c > 01:00:5e:00:00:12, ethertype IPv4
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36:
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227036
^^^ more insane stuff, notice the NEW (sic !) MAC-address
20:45:57.562955 9c:8e:99:0f:79:3c > 01:00:5e:00:00:12, ethertype IPv4
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36:
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227036
20:45:57.562989 9c:8e:99:0f:79:3c > 01:00:5e:00:00:12, ethertype IPv4
(0x0800), length 70: 91.206.242.9 > 224.0.0.18: CARPv2-advertise 36:
vhid=3 advbase=1 advskew=100 authlen=7 counter=13769798250643227036
^C
8 packets captured
3195 packets received by filter
===Cut===
Does anyone has, by any chance, some idea about what's happening ? As
soon as I stop CARP stack on this VM these "mad" MACs aren't received
anymore, so I'm pretty confident these are somehow procuced on the
Hyper-V side.
Another weird this is that vlan1 is refusing to work (seems like
packets are never received on the VM side) unless its configured on
another adapter in the -Untagged (once again powershell term for
SetVmNetworkAdapterVlan).
Thanks.
Eugene.
More information about the freebsd-stable
mailing list